Senior Application Security Engineer (Hiring Immediately)

About us:

Amach is an industry-leading technology driven company with headquarters located in Dublin and remote teams in UK and Europe.

Our blended teams of local and nearshore talent are optimised to deliver high quality and collaborative solutions.

Founded in 2013, Amach was created to solve a specific problem in aviation: too much complexity, too little usable intelligence. We help airlines modernise their operating model using cloud, data and Al-delivered by teams with deep aviation domain expertise.

Our goal is to maximize airlines' operational efficiency by optimizing resource use, reduce costs and increase customer experience and satisfaction.

The Senior Application Security Engineer is responsible for leading the application security practice across and taking ownership of key security KPIs, with a focus on strengthening the security of software, systems, and engineering processes.

This role will have a strong emphasis on embedding secure software development practices across the engineering lifecycle, including security guidance from design through deployment, integration of automated security controls into delivery pipelines, and improving the effectiveness of application security testing and assurance activities.

Please note: the successful candidate will be required to go to our customers Central London office 2 days per week.

Key responsibilities & duties include:

• Lead the application security practice and take ownership of key security KPIs, driving measurable improvements in application security maturity
• Work with engineering and product teams to embed secure development practices from design through deployment, providing expert guidance on secure architecture and design decisions
• Facilitate threat modelling sessions and review security-sensitive decisions around authentication, cryptography, and logging
• Integrate and configure automated security tooling (SAST, DAST, SCA) and oversee testing programs (penetration testing, vulnerability scanning, bug bounty) to ensure effectiveness and efficiency
• Triage vulnerabilities and support engineering teams with practical remediation and mitigation plans
• Deliver training, raise awareness, and champion secure-by-default practices across the organisation
• Contribute to documentation, internal security standards and engineering processes
• Support internal and external audits and promote a strong security culture across the organisation

Required skills

• 8+ years of experience in application security, software engineering, and/or product security, with strong hands-on experience in secure software development environments
• Proficiency in coding and scripting (Python, Bash), with working knowledge of tools and automation in environments such as GitHub-based delivery pipelines
• Demonstratable experience leading or shaping application security practices across engineering teams
• Strong understanding of web and API vulnerabilities, including the OWASP Top 10 and common modern application attack patterns
• Familiarity with modern cloud-native environments (especially AWS), as well as containers and microservices architectures
• Experience working closely with software engineers and product teams to embed security into day-to-day development practices
• Proven experience reviewing security-sensitive technical designs, including areas such as authentication, cryptography and logging
• Hands-on experience integrating and tuning application security tooling such as SAST, DAST and SCA within CI/CD workflows
• Experience supporting or evaluating security testing programmes such as penetration testing, vulnerability scanning and bug bounty
• Practical experience triaging vulnerabilities and working with engineering teams on realistic remediation and mitigation plans
• Comfortable acting as the go-to person for technical security discussions and presenting clearly to senior technical and non-technical stakeholders
• Strong communicator with the ability to provide expert guidance, training, and practical advice that promotes secure-by-default engineering behaviours

Desirable skills

• Experience automating security controls and checks in modern software delivery pipelines
• Confidence reviewing application and platform designs from a security perspective
• Ability to explain security risks and recommendations clearly to both technical and non-technical stakeholders
• Strong collaboration skills and a practical, engineering-focused approach to improving security outcomes

What’s in it for you:

• An opportunity to join a fast-growing company
• Options for career advancement
• Learning and development opportunities
• Flexible working environment
• Competitive salaries based on experience

Equal Opportunity Employer:

Amach is an equal opportunity employer and makes employment decisions on the basis of merit. We celebrate diversity and are committed to creating an inclusive environment for all employees. This job description is intended to convey essential responsibilities and qualifications for this role, but it is not an exhaustive list of tasks that an employee may be required to perform.

If you are passionate about driving customer success, advising on strategic solutions, and contributing to product innovation, we would love to hear from you!

Not for you?

Check out all of our open positions in our and follow us on for future opportunities.